All the vulnerabilites related to Trend Micro, Inc. - Trend Micro Deep Security
jvndb-2018-000013
Vulnerability from jvndb
Published
2018-02-15 16:39
Modified
2018-04-11 12:23
Severity ?
Summary
Insecure DLL Loading issue in multiple Trend Micro products
Details
Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427).
When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded.
Hidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000013.html",
"dc:date": "2018-04-11T12:23+09:00",
"dcterms:issued": "2018-02-15T16:39+09:00",
"dcterms:modified": "2018-04-11T12:23+09:00",
"description": "Multiple products provided by Trend Micro Incorporated contain an insecure DLL loading issue (CWE-427).\r\n When invoking the installers of other applications while the concerned products are installed to the PC, the DLL placed in the same directory as the the installers (of the other applications) may be insecurely loaded.\r\n\r\nHidenori Ohta of Mitsubishi Electric Information Systems Corporation reported this vulnerability to IPA.\r\n JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2018/JVNDB-2018-000013.html",
"sec:cpe": [
{
"#text": "cpe:/a:trendmicro:business_security",
"@product": "Worry-Free Business Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:business_security_services",
"@product": "Worry-Free Business Security Services",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:deep_security",
"@product": "Trend Micro Deep Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:endpoint_sensor",
"@product": "Trend Micro Endpoint Sensor",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:security",
"@product": "Trend Micro Security",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:trendmicro:virus_baster_corporate_edition",
"@product": "OfficeScan",
"@vendor": "Trend Micro, Inc.",
"@version": "2.2"
}
],
"sec:cvss": [
{
"@score": "6.8",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"@version": "2.0"
},
{
"@score": "7.8",
"@severity": "High",
"@type": "Base",
"@vector": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"@version": "3.0"
}
],
"sec:identifier": "JVNDB-2018-000013",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN28865183/index.html",
"@id": "JVN#28865183",
"@source": "JVN"
},
{
"#text": "https://jvn.jp/en/ta/JVNTA91240916/index.html",
"@id": "JVNTA#91240916",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6218",
"@id": "CVE-2018-6218",
"@source": "CVE"
},
{
"#text": "https://nvd.nist.gov/vuln/detail/CVE-2018-6218",
"@id": "CVE-2018-6218",
"@source": "NVD"
},
{
"#text": "https://www.ipa.go.jp/security/ciadr/vul/20180215-jvn.html",
"@id": "Security Alert for Vulnerability in multiple Trend Micro products (JVN#28865183)",
"@source": "IPA SECURITY ALERTS"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Insecure DLL Loading issue in multiple Trend Micro products"
}
cve-2024-51503
Vulnerability from cvelistv5
Published
2024-11-19 19:00
Modified
2024-11-21 04:55
Severity ?
EPSS score ?
Summary
A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain.
Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Trend Micro, Inc. | Trend Micro Deep Security |
Version: 20 ≤ cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5995:*:*:long_term_support:*:*:* |
|
|
|||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-51503",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-20T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-21T04:55:15.526Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:trendmicro:deep_security_agent:20.0:update5995:*:*:long_term_support:*:*:*"
],
"product": "Trend Micro Deep Security",
"vendor": "Trend Micro, Inc.",
"versions": [
{
"lessThan": "20.0.1-21510",
"status": "affected",
"version": "20",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine. In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: OS Command Injection",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-19T19:00:51.467Z",
"orgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"shortName": "trendmicro"
},
"references": [
{
"url": "https://success.trendmicro.com/en-US/solution/KA-0018154"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1516/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "7f7bd7df-cffe-4fdb-ab6d-859363b89272",
"assignerShortName": "trendmicro",
"cveId": "CVE-2024-51503",
"datePublished": "2024-11-19T19:00:51.467Z",
"dateReserved": "2024-10-28T17:36:11.711Z",
"dateUpdated": "2024-11-21T04:55:15.526Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}